Описание
Security update for libxml2
This update for libxml2 fixes the following issues:
- CVE-2023-39615: Fixed crafted xml can cause global buffer overflow (bsc#1214768).
Список пакетов
Container caasp/v4/cilium-operator:1.6.6
libxml2-2-2.9.7-150000.3.60.1
Container caasp/v4/cilium:1.6.6
libxml2-2-2.9.7-150000.3.60.1
Container ses/7.1/ceph/grafana:latest
libxml2-2-2.9.7-150000.3.60.1
Container ses/7.1/ceph/haproxy:latest
libxml2-2-2.9.7-150000.3.60.1
Container ses/7.1/ceph/keepalived:latest
libxml2-2-2.9.7-150000.3.60.1
Container ses/7.1/ceph/prometheus-alertmanager:latest
libxml2-2-2.9.7-150000.3.60.1
Container ses/7.1/ceph/prometheus-node-exporter:latest
libxml2-2-2.9.7-150000.3.60.1
Container ses/7.1/ceph/prometheus-server:latest
libxml2-2-2.9.7-150000.3.60.1
Container ses/7.1/ceph/prometheus-snmp_notifier:latest
libxml2-2-2.9.7-150000.3.60.1
Container ses/7.1/cephcsi/cephcsi:latest
libxml2-2-2.9.7-150000.3.60.1
Container ses/7.1/cephcsi/csi-attacher:v4.1.0
libxml2-2-2.9.7-150000.3.60.1
Container ses/7.1/cephcsi/csi-node-driver-registrar:v2.7.0
libxml2-2-2.9.7-150000.3.60.1
Container ses/7.1/cephcsi/csi-provisioner:v3.4.0
libxml2-2-2.9.7-150000.3.60.1
Container ses/7.1/cephcsi/csi-resizer:v1.7.0
libxml2-2-2.9.7-150000.3.60.1
Container ses/7.1/cephcsi/csi-snapshotter:v6.2.1
libxml2-2-2.9.7-150000.3.60.1
Container ses/7.1/rook/ceph:latest
libxml2-2-2.9.7-150000.3.60.1
Container suse/ltss/sle15.3/bci-base:latest
libxml2-2-2.9.7-150000.3.60.1
Container suse/sle-micro-rancher/5.2:latest
libxml2-2-2.9.7-150000.3.60.1
Container suse/sle-micro/5.1/toolbox:latest
libxml2-2-2.9.7-150000.3.60.1
Container suse/sle-micro/5.2/toolbox:latest
libxml2-2-2.9.7-150000.3.60.1
Container suse/sle15:15.1
libxml2-2-2.9.7-150000.3.60.1
Container suse/sle15:15.2
libxml2-2-2.9.7-150000.3.60.1
Container suse/sle15:15.3
libxml2-2-2.9.7-150000.3.60.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
libxml2-2-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
libxml2-2-2.9.7-150000.3.60.1
libxml2-2-32bit-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
Image SLES15-SP2-BYOS-Azure
libxml2-2-2.9.7-150000.3.60.1
Image SLES15-SP2-HPC-BYOS-Azure
libxml2-2-2.9.7-150000.3.60.1
Image SLES15-SP2-SAP-Azure
libxml2-2-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
libxml2-2-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
libxml2-2-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
Image SLES15-SP2-SAP-BYOS-Azure
libxml2-2-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
Image SLES15-SP2-SAP-BYOS-EC2-HVM
libxml2-2-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
Image SLES15-SP2-SAP-BYOS-GCE
libxml2-2-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
Image SLES15-SP2-SAP-EC2-HVM
libxml2-2-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
Image SLES15-SP2-SAP-GCE
libxml2-2-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
Image SLES15-SP3-BYOS-Azure
libxml2-2-2.9.7-150000.3.60.1
Image SLES15-SP3-BYOS-EC2-HVM
libxml2-2-2.9.7-150000.3.60.1
Image SLES15-SP3-BYOS-GCE
libxml2-2-2.9.7-150000.3.60.1
Image SLES15-SP3-CHOST-BYOS-Aliyun
libxml2-2-2.9.7-150000.3.60.1
Image SLES15-SP3-CHOST-BYOS-Azure
libxml2-2-2.9.7-150000.3.60.1
Image SLES15-SP3-CHOST-BYOS-EC2
libxml2-2-2.9.7-150000.3.60.1
Image SLES15-SP3-CHOST-BYOS-GCE
libxml2-2-2.9.7-150000.3.60.1
Image SLES15-SP3-CHOST-BYOS-SAP-CCloud
libxml2-2-2.9.7-150000.3.60.1
Image SLES15-SP3-HPC-BYOS-Azure
libxml2-2-2.9.7-150000.3.60.1
Image SLES15-SP3-HPC-BYOS-EC2-HVM
libxml2-2-2.9.7-150000.3.60.1
Image SLES15-SP3-HPC-BYOS-GCE
libxml2-2-2.9.7-150000.3.60.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure
libxml2-2-2.9.7-150000.3.60.1
python3-libxml2-python-2.9.7-150000.3.60.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM
libxml2-2-2.9.7-150000.3.60.1
python3-libxml2-python-2.9.7-150000.3.60.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE
libxml2-2-2.9.7-150000.3.60.1
python3-libxml2-python-2.9.7-150000.3.60.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure
libxml2-2-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
python3-libxml2-python-2.9.7-150000.3.60.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM
libxml2-2-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
python3-libxml2-python-2.9.7-150000.3.60.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE
libxml2-2-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
python3-libxml2-python-2.9.7-150000.3.60.1
Image SLES15-SP3-Micro-5-1-BYOS-Azure
libxml2-2-2.9.7-150000.3.60.1
Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM
libxml2-2-2.9.7-150000.3.60.1
Image SLES15-SP3-Micro-5-1-BYOS-GCE
libxml2-2-2.9.7-150000.3.60.1
Image SLES15-SP3-Micro-5-2-BYOS-Azure
libxml2-2-2.9.7-150000.3.60.1
Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM
libxml2-2-2.9.7-150000.3.60.1
Image SLES15-SP3-Micro-5-2-BYOS-GCE
libxml2-2-2.9.7-150000.3.60.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
libxml2-2-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
libxml2-2-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
Image SLES15-SP3-SAP-BYOS-Azure
libxml2-2-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
Image SLES15-SP3-SAP-BYOS-EC2-HVM
libxml2-2-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
Image SLES15-SP3-SAP-BYOS-GCE
libxml2-2-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
Image SLES15-SP3-SAPCAL-Azure
libxml2-2-2.9.7-150000.3.60.1
libxml2-devel-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
Image SLES15-SP3-SAPCAL-EC2-HVM
libxml2-2-2.9.7-150000.3.60.1
libxml2-devel-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
Image SLES15-SP3-SAPCAL-GCE
libxml2-2-2.9.7-150000.3.60.1
libxml2-devel-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
SUSE Enterprise Storage 7
libxml2-2-2.9.7-150000.3.60.1
libxml2-2-32bit-2.9.7-150000.3.60.1
libxml2-devel-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
python2-libxml2-python-2.9.7-150000.3.60.1
python3-libxml2-python-2.9.7-150000.3.60.1
SUSE Enterprise Storage 7.1
libxml2-2-2.9.7-150000.3.60.1
libxml2-2-32bit-2.9.7-150000.3.60.1
libxml2-devel-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
python3-libxml2-python-2.9.7-150000.3.60.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
libxml2-2-2.9.7-150000.3.60.1
libxml2-2-32bit-2.9.7-150000.3.60.1
libxml2-devel-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
python2-libxml2-python-2.9.7-150000.3.60.1
python3-libxml2-python-2.9.7-150000.3.60.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
libxml2-2-2.9.7-150000.3.60.1
libxml2-2-32bit-2.9.7-150000.3.60.1
libxml2-devel-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
python2-libxml2-python-2.9.7-150000.3.60.1
python3-libxml2-python-2.9.7-150000.3.60.1
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
libxml2-2-2.9.7-150000.3.60.1
libxml2-2-32bit-2.9.7-150000.3.60.1
libxml2-devel-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
python3-libxml2-python-2.9.7-150000.3.60.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
libxml2-2-2.9.7-150000.3.60.1
libxml2-2-32bit-2.9.7-150000.3.60.1
libxml2-devel-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
python3-libxml2-python-2.9.7-150000.3.60.1
SUSE Linux Enterprise Micro 5.1
libxml2-2-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
SUSE Linux Enterprise Micro 5.2
libxml2-2-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
python3-libxml2-python-2.9.7-150000.3.60.1
SUSE Linux Enterprise Server 15 SP1-LTSS
libxml2-2-2.9.7-150000.3.60.1
libxml2-2-32bit-2.9.7-150000.3.60.1
libxml2-devel-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
python2-libxml2-python-2.9.7-150000.3.60.1
python3-libxml2-python-2.9.7-150000.3.60.1
SUSE Linux Enterprise Server 15 SP2-LTSS
libxml2-2-2.9.7-150000.3.60.1
libxml2-2-32bit-2.9.7-150000.3.60.1
libxml2-devel-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
python2-libxml2-python-2.9.7-150000.3.60.1
python3-libxml2-python-2.9.7-150000.3.60.1
SUSE Linux Enterprise Server 15 SP3-LTSS
libxml2-2-2.9.7-150000.3.60.1
libxml2-2-32bit-2.9.7-150000.3.60.1
libxml2-devel-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
python3-libxml2-python-2.9.7-150000.3.60.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
libxml2-2-2.9.7-150000.3.60.1
libxml2-2-32bit-2.9.7-150000.3.60.1
libxml2-devel-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
python2-libxml2-python-2.9.7-150000.3.60.1
python3-libxml2-python-2.9.7-150000.3.60.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
libxml2-2-2.9.7-150000.3.60.1
libxml2-2-32bit-2.9.7-150000.3.60.1
libxml2-devel-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
python2-libxml2-python-2.9.7-150000.3.60.1
python3-libxml2-python-2.9.7-150000.3.60.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
libxml2-2-2.9.7-150000.3.60.1
libxml2-2-32bit-2.9.7-150000.3.60.1
libxml2-devel-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
python3-libxml2-python-2.9.7-150000.3.60.1
SUSE Manager Proxy 4.2
libxml2-2-2.9.7-150000.3.60.1
libxml2-2-32bit-2.9.7-150000.3.60.1
libxml2-devel-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
python3-libxml2-python-2.9.7-150000.3.60.1
SUSE Manager Server 4.2
libxml2-2-2.9.7-150000.3.60.1
libxml2-2-32bit-2.9.7-150000.3.60.1
libxml2-devel-2.9.7-150000.3.60.1
libxml2-tools-2.9.7-150000.3.60.1
python2-libxml2-python-2.9.7-150000.3.60.1
python3-libxml2-python-2.9.7-150000.3.60.1
openSUSE Leap 15.4
python3-libxml2-python-2.9.7-150000.3.60.1
openSUSE Leap 15.5
python3-libxml2-python-2.9.7-150000.3.60.1
Ссылки
- Link for SUSE-SU-2023:3698-1
- E-Mail link for SUSE-SU-2023:3698-1
- SUSE Security Ratings
- SUSE Bug 1214768
- SUSE CVE CVE-2023-39615 page
Описание
** DISPUTED ** Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor's position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input.
Затронутые продукты
Container caasp/v4/cilium-operator:1.6.6:libxml2-2-2.9.7-150000.3.60.1
Container caasp/v4/cilium:1.6.6:libxml2-2-2.9.7-150000.3.60.1
Container ses/7.1/ceph/grafana:latest:libxml2-2-2.9.7-150000.3.60.1
Container ses/7.1/ceph/haproxy:latest:libxml2-2-2.9.7-150000.3.60.1
Ссылки
- CVE-2023-39615
- SUSE Bug 1214768